KubeBlocks
BlogsKubeBlocks Cloud

Getting Started

Introduction
Supported addons
Installation

Concepts and Features

Concepts

Backup and Restore

Introduction

Backup

Configure BackupRepo
Configure BackupPolicy
Scheduled backup
On-demand backup

Restore

Restore from backup set
Point-in-Time Recovery

In Place Update

Introduction
Enable in-place update

Instance Template

Introduction
Apply instance template

Trouble Shooting

FAQs
Known Issues

References

API Reference

Cluster
Operations
Parameters
Dataprotection
Add-On
Terminology
Install Addons
Install kbcli
Snapshot Controller
Create a test Kubernetes cluster
Kubernetes and Operator 101
KubeBlocks Options and Roles

Upgrade KubeBlocks

Upgrade to v0.8
Upgrade to v0.9.0
Upgrade to v0.9.x

Release Notes

Release v1.0

v1.0.0-cn
v1.0.0

Release v0.9

v0.9.4
v0.9.3
v0.9.2
v0.9.1
v0.9.0
  1. Issue 1: KubeBlocks creates enormous number of secrets
    1. Problem Description
    2. Affected Version
    3. Root Cause
    4. Solution
  2. Issue 2: PostgreSQL fails to start with special characters in password
    1. Problem Description
    2. Affected Version
    3. Solution
  3. How to report a bug

Known Issues

Issue 1: KubeBlocks creates enormous number of secrets

Problem Description

KubeBlocks keeps creating an enormous number of secrets for each cluster and never stops. You may see the following information in KubeBlocks logs:

INFO reconcile object *v1.ServiceAccount with action UPDATE OK

Affected Version

  • KubeBlocks v1.0.0
  • Kubernetes versions \≤ 1.24

Root Cause

Before Kubernetes version 1.24, Kubernetes automatically generated Secret-based tokens for ServiceAccounts, as documented in Kubernetes Service Account Tokens.

Solution

Upgrade KubeBlocks to v1.0.0-beta.3 or later.

Issue 2: PostgreSQL fails to start with special characters in password

Problem Description

PostgreSQL may fail to start when the password contains certain special characters. By checking POD logs:

File "/usr/lib/python3/dist-packages/yaml/scanner.py", line 116, in check_token
    self.fetch_more_tokens()
  File "/usr/lib/python3/dist-packages/yaml/scanner.py", line 231, in fetch_more_tokens
    return self.fetch_anchor()
  File "/usr/lib/python3/dist-packages/yaml/scanner.py", line 621, in fetch_anchor
    self.tokens.append(self.scan_anchor(AnchorToken))
  File "/usr/lib/python3/dist-packages/yaml/scanner.py", line 929, in scan_anchor
    raise ScannerError("while scanning an %s" % name, start_mark,
yaml.scanner.ScannerError: while scanning an anchor
  in "<unicode string>", line 45, column 17:
          password: &amp;JgE#F5x&amp;eNwis*2dW!7&amp ...
                    ^

Affected Version

  • All KubeBlocks versions with PostgreSQL clusters

Solution

Use passwords that do not contain special characters that may cause parsing issues in PostgreSQL configuration files.

How to report a bug

To report a bug, you may

  1. create an issue in the KubeBlocks GitHub repository.
  2. [optional] provide the zip file generated by kbcli report command:
kbcli report cluster <clusterName>  --with-logs --mask # pack cluster manifest, version, and logs
kbcli report kubeblocks --with-logs --mask # pack kubeblocks logs

where clusterName is the name of the cluster you are reporting the bug for, and --mask will mask sensitive info for secrets and configmap.

© 2025 ApeCloud PTE. Ltd.